//package com.example.demo.config;
//
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//import org.springframework.security.web.SecurityFilterChain;
//
//
//@Configuration
//@EnableWebSecurity
//@EnableGlobalMethodSecurity(prePostEnabled = true)
//public class SecurityConfig {  // 移除 WebSecurityConfigurerAdapter 继承
//
//    // 新增 AuthenticationManager bean
//    @Bean
//    public AuthenticationManager authenticationManager(
//            AuthenticationConfiguration authConfig) throws Exception {
//        return authConfig.getAuthenticationManager();
//    }
//
//    // 修改为组件式配置
//    @Bean
//    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
//        http
//                .authorizeRequests(authorize -> authorize
//                        .antMatchers(
//                                "/",
//                                "/index.html",
//                                // 允许auth.html访问
//                                "/auth.html",
//                                "/books/list",
//                                "/templates/**",
//                                "/api/auth/**",
//                                // 认证相关接口允许访问
//                                "/api/auth/login",
//                                "/api/auth/register",
//                                "/api/auth/logout",
//                                "/api/auth/refresh",
//                                "/login",         // 确保登录页面可访问
//                                "/css/**",        // 确保登录页面的静态资源可访问
//                                "/js/**",
//                                // swagger 允许访问
//                                "/swagger-ui.html",
//                                "/swagger-ui/**",
//                                "/v3/api-docs/**",
//                                // swagger doc.html 允许访问
//                                "/doc.html",
//                                "/webjars/**",
//                                "/favicon.ico",
//                                "/swagger-resources/**",
//                                "/v2/api-docs/**",
//                                "/swagger-resources/configuration/ui",
//                                "/swagger-resources/configuration/security",
//                                "/swagger-ui.html",
//                                "/swagger-ui/**",
//                                "/swagger-ui/index.html"
//                        ).permitAll()
//                        .antMatchers("/api/admin/**").hasRole("ADMIN")
//                        .antMatchers("/api/books/borrow", "/api/books/return").hasRole("USER")
//                        .anyRequest().authenticated()
//                )
//                //.formLogin(form -> form
//                //        .loginPage("/login")
//                //        .loginProcessingUrl("/api/auth/login")
//                //        .defaultSuccessUrl("/index.html", true) // 修改默认成功跳转路径
//                //)
//                //.logout(logout -> logout
//                //        .logoutUrl("/api/auth/logout")
//                //        .logoutSuccessUrl("/index.html")
//                //)
//                //.exceptionHandling(e -> e
//                //        .accessDeniedPage("/access-denied")
//                //)
//                //.csrf()
//                //.disable()
//        ; // 开发环境可以禁用，生产环境建议启用
//        return http.build();
//    }
//    // 保留已有的密码编码器配置
//    @Bean
//    public PasswordEncoder passwordEncoder() {
//        return new BCryptPasswordEncoder();
//    }
//}